hackbrowserdata | 2025-01-11_c68062020f8db3200c7c2a718ffebed7_snatch

General

Target

2025-01-11_c68062020f8db3200c7c2a718ffebed7_snatch
Size

3.3MB
MD5

c68062020f8db3200c7c2a718ffebed7
SHA1

8b29cca6d56f9a764c1d2ced8fd272ef15a198af
SHA256

75d1ed2b9736dd1e79efa4b4ecb3fec27acd0b9ab31ef23d226ed4021c58e3e1
SHA512

0596487fab10eb1c4e7a4c0941879f76af9b62e696071db0f9ff85103df6ef0f0c14c422277916142995e7fa9fb208212b3464025bcd24149ce318da1944e83b
SSDEEP

98304:tVd6ZLw+J87yPXH1U5vYA7RzZfedcD3OdxgDTU2:jduJlXSX/5D3Xv

Score

10^/10

Malware Config

Signatures

An open source browser data exporter written in golang. 1 IoCs

resource	yara_rule
static1/unpack001/out.upx	family_hackbrowserdata

Hackbrowserdata family
hackbrowserdata

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2025-01-11_c68062020f8db3200c7c2a718ffebed7_snatch
unpack001/out.upx

Files

2025-01-11_c68062020f8db3200c7c2a718ffebed7_snatch
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 5.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 217KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 5.8MB

UPX1 Size: 3.3MB - Virtual size: 3.3MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.rdata Size: 4.0MB - Virtual size: 4.0MB

.data Size: 217KB - Virtual size: 380KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 180KB - Virtual size: 180KB

.symtab Size: 512B - Virtual size: 4B

UPX0
Size: - Virtual size: 5.8MB

UPX1
Size: 3.3MB - Virtual size: 3.3MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 4.4MB - Virtual size: 4.4MB

.rdata
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 217KB - Virtual size: 380KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 180KB - Virtual size: 180KB

.symtab
Size: 512B - Virtual size: 4B